O'Reilly logo

Java Enterprise in a Nutshell, Third Edition by William Crawford, Jim Farley

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Other J2EE Security Topics

In this section, we discuss a few other topics relevant to J2EE security, including securing enterprise resource managers, web service security, and single sign-on.

Accessing Enterprise Resource Managers

An enterprise may have a wide range of enterprise resource managers such as relational database systems and message-oriented middleware products. To establish a connection to these resources, authentication is often required. You can manage the authentication details for these resource managers in one of two ways. You can manage it yourself in your application code, or you can use the application server or container to manage the connection details for you.

Resource manager references are declared in web and EJB deployment descriptors using <resource-ref> elements. Full details on declaring resource references in deployment descriptors can be found in Chapter 2. In terms of the authentication mode to be used with a given resource, this is specified using the <res-auth> element within the <resource-ref> element. To indicate that the container should handle authentication details, set the <res-auth> element to Container. You then need to configure the authentication details for the resource in the container, using its management tools or container-specific configuration files. If you’d prefer to manage the authentication details in your application code, set the <res-auth> value to Application. It’s usually preferable to use container-managed authentication ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required